Netcraft Extension

The Netcraft Extension is a tool allowing easy lookup of information relating to the sites you visit and providing protection from Phishing.

Key Features:

• Protection against phishing sites — The Netcraft anti-phishing community is effectively a giant neighbourhood watch scheme, empowering the most alert and most expert members to defend everyone within the community. As soon as the first recipients of a phishing mail report it, we can block it for all users of the extension providing an additional level of protection from Phishing. Netcraft processes reports of fraudulent URLs from a diverse variety of sources and proactively searches for new fraudulent sites.

• Detailed site reports – simply click the Netcraft logo to access a wealth of information about the sites you visit, helping you to make informed choices about their safety.

• Risk Ratings – we evaluate the characteristics of the site and compare these against those depicted by fraudulent sites. The result is a simple visual summary displayed on the site report.

• Conveniently report suspected phishing & fraudulent sites – At the click of the button you can report suspected web forgeries to Netcraft, helping to protect the community. Netcraft operates an incentive scheme for Phishing site submissions, including iPads, backpacks, mugs, and more… https://news.netcraft.com/phishing-report-competition

• PFS indicator – check if sites using SSL for encryption support Perfect Forward Secrecy (PFS). PFS ensures that if the private key of the site is compromised – for example by a court order, social engineering, an attack against the site, or cryptanalysis – your historical encrypted traffic is still safe.

• Heartbleed indicator – check if sites are still using an SSL certificate that was potentially compromised by Heartbleed. The extension uses data from Netcraft's SSL Survey to determine whether a site offered the heartbeat TLS Extension prior to the Heartbleed disclosure. If this is the case, the extension will also check to see if the site's SSL certificate has been replaced; if it has not, then the site is considered to be unsafe, as the certificate's private key could have been compromised.

Find out more about the Extension, including detailed tutorials, FAQs, phishing statistics, and how to protect yourself from online fraud at: https://toolbar.netcraft.com

About Netcraft:

Netcraft is an Internet services company based in Bath, England. We provide a range of services relating to internet data analysis, defences against fraud and phishing, web application security testing, and automated network scanning. In particular, Netcraft’s anti-phishing services are very widely licensed, ultimately protecting hundreds of millions of people.

In this case, visiting https://www.wikipedia.org gives a ECDHE-RSA-AES128-SHA cipher suite which does have the PFS property. We are reflecting that by displaying PFS: (tick) in the dropdown displayed when on the HTTPS version of wikipedia.

The screenshot at the following URL demonstrates the PFS display: http://imgur.com/WvYGiSG

chas4 dit:

2 juillet 2014

Nope, not shown at all on https://en.wikipedia.org/wiki/Perfect_forward_secrecy